The macOS system must be configured to disable hot corners. (Cat II impact)
Although hot corners can be used to initiate a session lock or launch useful applications, they can also be configured to disable an automatic session lock from initiating. Such a configuration introduces the risk that a user might forget to manually lock the screen before stepping away from the computer.
To check if the system is configured to disable hot corners, run the following commands: /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep wvous If the return is null, or does not equal: "wvous-bl-corner = 0 wvous-br-corner = 0; wvous-tl-corner = 0; wvous-tr-corner = 0;" this is a finding.
This setting is enforced using the "Custom Policy" configuration profile.
Rule ID: SV-230749r599842_rule
Vulnerability ID: V-230749
Group Title: SRG-OS-000031-GPOS-00012
The information system conceals, via the session lock, information previously visible on the display with a publicly viewable image.